Vulnerabilities > CVE-2019-6830 - Improper Handling of Exceptional Conditions vulnerability in Schneider-Electric Modicon M580 Firmware

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
high complexity
schneider-electric
CWE-755
NVD
Published: 2019-09-17
Updated: 2022-10-14

Summary

A CWE-248: Uncaught Exception vulnerability exists IN Modicon M580 all versions prior to V2.80, which could cause a possible denial of service when sending an appropriately timed HTTP request to the controller.

Vulnerable Configurations

Part Description Count
OS
Schneider-Electric
5
Hardware
Schneider-Electric
1

Common Weakness Enumeration (CWE)

Talos

idTALOS-2019-0808
last seen2019-09-20
published2019-08-13
reporterTalos Intelligence
sourcehttp://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0808
titleSchneider Electric Modicon M580 HTTP Request Denial of Service Vulnerability

References